cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From radh...@apache.org
Subject git commit: updated refs/heads/master to 2e7cda8
Date Wed, 21 Aug 2013 04:35:31 GMT
Updated Branches:
  refs/heads/master caaf4ed0c -> 2e7cda826


CLOUDSTACK-906 review comments fixed


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2e7cda82
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2e7cda82
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2e7cda82

Branch: refs/heads/master
Commit: 2e7cda826e75aeffd82ae038bcfdb41bdb1a8022
Parents: caaf4ed
Author: radhikap <radhika.puthiyetath@citrix.com>
Authored: Wed Aug 21 10:01:10 2013 +0530
Committer: radhikap <radhika.puthiyetath@citrix.com>
Committed: Wed Aug 21 10:01:48 2013 +0530

----------------------------------------------------------------------
 docs/en-US/vnmc-cisco.xml | 52 +++++++++++++++++++++++++++++-------------
 1 file changed, 36 insertions(+), 16 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2e7cda82/docs/en-US/vnmc-cisco.xml
----------------------------------------------------------------------
diff --git a/docs/en-US/vnmc-cisco.xml b/docs/en-US/vnmc-cisco.xml
index 7c72178..62a472d 100644
--- a/docs/en-US/vnmc-cisco.xml
+++ b/docs/en-US/vnmc-cisco.xml
@@ -21,15 +21,19 @@
 <section id="vnmc-cisco">
   <title>External Guest Firewall Integration for Cisco VNMC (Optional)</title>
   <para>Cisco Virtual Network Management Center (VNMC) provides centralized multi-device
and policy
-    management for Cisco Network Virtual Services. When Cisco VNMC is integrated with ASA
1000v
-    Cloud Firewall and Cisco Nexus 1000v dvSwitch in &PRODUCT; you will be able to: </para>
+    management for Cisco Network Virtual Services. You can integrate Cisco VNMC with &PRODUCT;
to
+    leverage the firewall and NAT service offered by ASA 1000v Cloud Firewall. Use it in
a Cisco
+    Nexus 1000v dvSwitch-enabled cluster in &PRODUCT;. In such a deployment, you will
be able to: </para>
   <itemizedlist>
     <listitem>
-      <para>Configure Cisco ASA 1000v Firewalls</para>
+      <para>Configure Cisco ASA 1000v firewalls. You can configure one per guest network.</para>
     </listitem>
     <listitem>
-      <para>Create and apply security profiles that contain ACL policy sets for both
ingress and
-        egress traffic, connection timeout, NAT policy sets, and TCP intercept</para>
+      <para>Use Cisco ASA 1000v firewalls to create and apply security profiles that
contain ACL
+        policy sets for both ingress and egress traffic.</para>
+    </listitem>
+    <listitem>
+      <para>Use Cisco ASA 1000v firewalls to create and apply NAT policy sets.</para>
     </listitem>
   </itemizedlist>
   <para>&PRODUCT; supports Cisco VNMC on Cisco Nexus 1000v dvSwich-enabled VMware
@@ -43,7 +47,7 @@
       </listitem>
       <listitem>
         <para>A Cloud administrator adds ASA 1000v appliances by using the admin API
-          addCiscoAsa1000vResource. You can configure one per guest network.</para>
+          addCiscoAsa1000vResource. .</para>
       </listitem>
       <listitem>
         <para>A Cloud administrator creates an Isolated guest network offering by using
ASA 1000v as
@@ -51,6 +55,32 @@
       </listitem>
     </itemizedlist>
   </section>
+  <section id="notes-vnmc">
+    <title>Guidelines</title>
+    <itemizedlist>
+      <listitem>
+       <para>When a guest network is created with Cisco VNMC firewall provider, an
additional public
+          IP is acquired along with the Source NAT IP. The Source NAT IP is used for the
rules,
+          whereas the additional IP is used to for the ASA outside interface. Ensure that
this
+          additional public IP is not released. You can identify this IP as soon as the network
is
+          in implemented state and before acquiring any further public IPs. The additional
IP is the
+          one that is not marked as Source NAT. You can find the IP used for the ASA outside
+          interface by looking at the Cisco VNMC used in your guest network.</para>
+      </listitem>
+      <listitem>
+        <para/>
+      </listitem>
+      <listitem>
+        <para/>
+      </listitem>
+      <listitem>
+        <para/>
+      </listitem>
+      <listitem>
+        <para/>
+      </listitem>
+    </itemizedlist>
+  </section>
   <section id="deploy-vnmc">
     <title>Using Cisco ASA 1000v Firewall, Cisco Nexus 1000v dvSwitch, and Cisco VNMC
in a
       Deployment</title>
@@ -103,16 +133,6 @@
         </listitem>
       </itemizedlist>
     </section>
-    <section id="notes-vnmc">
-      <title>Guidelines</title>
-      <para>When a guest network is created with Cisco VNMC firewall provider, an additional
public
-        IP is acquired along with the Source NAT IP. The Source NAT IP is used for the ASA
outside
-        interface, whereas the additional IP is used to workaround an ASA limitation. Ensure
that
-        this additional public IP is not released. You can identify this IP as soon as the
network
-        is in implemented state and before acquiring any further public IPs. The additional
IP is
-        the one that is not marked as Source NAT. You can find the IP used for the ASA outside
-        interface by looking at the Cisco VNMC used in your guest network.</para>
-    </section>
     <section id="how-to-asa">
       <title>Using Cisco ASA 1000v Services</title>
       <orderedlist>


Mime
View raw message